Apple has released Beats Firmware Update 1B211 to address a high-severity Bluetooth vulnerability in Beats Studio Buds that could allow a nearby attacker to eavesdrop through the device’s microphone before a pairing connection is established.
The update, released on June 16, 2026, patches CVE-2025-20701, discovered by security researchers Dennis Heinze and Frieder Steinmetz of ERNW GmbH.
The flaw resides deep within the Bluetooth stack and specifically targets devices that are not yet paired but are actively broadcasting pairing requests.
Apple Fixes Beats Bluetooth Eavesdropping Flaw
Tracked as CVE-2025-20701, the vulnerability originates in open-source code, making Apple Software one of several potentially affected projects downstream.
What makes this flaw particularly alarming is its attack surface: it exploits the pairing discovery phase, a stage when most users assume their device is idle or harmless.
In reality, an attacker within standard Bluetooth range (typically up to 10 meters) can silently intercept audio via the built-in microphone of an unpaired Beats Studio Buds unit, without prior device access, credentials, or a visible alert on the host device.
Because Beats Studio Buds feature a built-in microphone designed for ambient audio and voice input, the consequences of successful exploitation extend well beyond a typical wireless attack.
An adversary in a crowded public space, office environment, or conference room could silently capture conversations during the pre-authentication window, posing serious risks to individuals in sensitive or high-security roles.
This type of pre-authentication Bluetooth eavesdropping attack requires only physical proximity, making it accessible to a wide range of threat actors without sophisticated tooling or elevated privileges.
Affected and Patch Devices
The security patch is exclusively available for Beats Studio Buds via Beats Firmware Update 1B211. Apple distributes firmware updates automatically when the headphones are paired with, and within Bluetooth range of an iPhone, iPad, or Mac; no manual installation is required.
Users can verify their firmware version through the following steps:
- iPhone/iPad: Settings → Bluetooth → tap the info (ⓘ) button next to Beats Studio Buds
- Mac: System Settings → Bluetooth → info button next to the device
Security teams and individual users should take immediate steps to confirm their Beats Studio Buds are running firmware version 1B211 or later. Additional mitigations include:
- Avoiding pairing/discoverable mode in public or sensitive environments until the update is confirmed installed
- Enterprise and security-conscious organizations managing shared or issued audio devices should conduct a firmware compliance audit across their entire device fleet
- Users in regulated industries such as legal, finance, or government should treat unpatched audio peripherals as potential eavesdropping vectors until remediation is verified
The disclosure of CVE-2025-20701 adds to a growing body of research highlighting the security risks of Bluetooth-enabled peripherals during the pre-pairing phase.
As wearable audio devices become standard equipment in professional environments, this class of vulnerability underscores the need for organizations to extend their device security policies beyond traditional endpoints to include firmware-level controls on consumer-grade accessories.
No Comment! Be the first one.